Post-quantum cryptography (PQC) is one of the most practical security shifts happening right now. NIST already has three PQC standards available, and migration pressure is increasing as “harvest now, decrypt later” attacks make current encryption a ticking time bomb.
Why This Is Urgent
The threat model is simple:
- Adversaries are recording encrypted traffic today
- Quantum computers will be able to break RSA and ECC within 10-15 years
- Data with long confidentiality requirements (health records, state secrets, financial data) that is captured today is effectively already compromised
This is called “harvest now, decrypt later” — and it is happening right now.
What Breaks and What Survives
| Algorithm | Status Post-Quantum | Replacement |
|---|---|---|
| RSA-2048 | ❌ Broken | ML-KEM (Kyber) |
| ECDSA | ❌ Broken | ML-DSA (Dilithium) |
| ECDH | ❌ Broken | ML-KEM (Kyber) |
| AES-256 | ✅ Safe (increase key size) | AES-256 (already quantum-safe) |
| SHA-256 | ✅ Safe | SHA-256 |
Symmetric encryption and hashing survive. Public-key cryptography (key exchange, digital signatures) must be replaced.
NIST PQC Standards (Finalized)
| Standard | Algorithm | Use Case |
|---|---|---|
| FIPS 203 | ML-KEM (Kyber) | Key encapsulation (TLS, VPNs) |
| FIPS 204 | ML-DSA (Dilithium) | Digital signatures |
| FIPS 205 | SLH-DSA (SPHINCS+) | Stateless hash-based signatures |
Migration Playbook
Step 1: Inventory Your Cryptography
Find every system that uses public-key cryptography:
- TLS certificates and configurations
- VPN tunnels (IPsec, WireGuard)
- Code signing and software updates
- SSH keys
- Database encryption
- API authentication (JWT, OAuth tokens)
- Blockchain and smart contracts
Step 2: Prioritize by Data Sensitivity
Migrate first:
- Long-lived secrets (encryption keys, certificates with 5+ year validity)
- Data with long confidentiality requirements (health, financial, government)
- High-value targets (critical infrastructure, defense)
Step 3: Deploy Hybrid Mode
Use hybrid algorithms that combine classical and post-quantum:
TLS 1.3 with X25519Kyber768 = Classical ECDH (X25519) + Post-Quantum ML-KEM (Kyber768)

Chrome, Firefox, and Cloudflare already support hybrid PQC in TLS. If the post-quantum algorithm turns out to have a flaw, the classical algorithm still protects you.
Step 4: Update Infrastructure
```bash
# OpenSSL 3.x with PQC support (3.5 and later ship ML-DSA natively)
openssl genpkey -algorithm ML-DSA-65 -out pqc-key.pem
openssl req -new -key pqc-key.pem -out pqc-csr.pem
```
Timeline
- 2024-2025: Standards finalized, early adoption
- 2026-2027: Major vendors ship PQC-capable products
- 2028-2030: Regulatory mandates for PQC migration
- 2030-2035: Quantum computers approach cryptographic relevance
The window to act is now — not when quantum computers arrive.
My Recommendation
Start your cryptographic inventory today. You cannot migrate what you cannot find. Then enable hybrid PQC in TLS (your CDN or load balancer may already support it). Plan a 3-5 year migration timeline for everything else.
Book a consultation to plan your post-quantum migration.